Hi
Apologies in advance if I'm going over old ground here - I have spent
a day and a bit searching the web and have found people with the same
problem, but I'm not finding the solution anywhere...
I've created my own Tomcat Realm that performs custom
authentication. The various authenticate() and getPrinicipal()
methods return a custom principal. My custom principal implements a
custom interface, which in turn implements the standard Principal, i.e.:
package poc.security;
public interface I_TestPrincipal extends java.security.Principal
{ ... }
public class TestPrincipal implements I_TestPrincipal { ... }
Based on this, I can login to the website and authentication works
fully, as do the role checks (such as request.isUserInRole() called
from a JSP).
However, if I want my page to do anything with my custom principal, I
get a ClassCastException. So, for example, the following line will
fail:
((I_TestPrincipal) request.getUserPrincipal()).someCustomMethod()
The best notes I've found on the subject are those in the Tomcat Wiki
HowTo, and I think the most suitable of those suggestions is the
solution based on Common Interfaces.
So, I've partitioned my code such that:
JSPs/Servlets are in a WAR in $TOMCAT/webapps
Realm and Principal classes are in a JAR installed in $TOMCAT/server/
lib
Principal Interface is in a JAR in $TOMCAT/common/lib
If I understand the wiki correctly, this should work. However,
although my realm still works fully and authentication succeeds and
although my JSP can find/load the interface class, the cast
(I_TestPrincipal) request.getUserPrincipal()
still fails.
In case it helps, I'm running Tomcat 5.5.17 on Mac OS 10.4.7
Thanks in advance
Darren Clarke
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
